New malware backdoors VMware ESXi servers to hijack virtual machines
With the help of malicious vSphere Installation Bundles, the attacker could install on the bare-metal hypervisor two backdoors
Read More...With the help of malicious vSphere Installation Bundles, the attacker could install on the bare-metal hypervisor two backdoors
Read More...The vulnerability turns out to be so critical that it allows the attacker to do RCE on the compromised system
Read More...Tracked as CVE-2022-3236, the flaw was found in the User Portal and Webadmin of Sophos Firewall, allowing attackers to perform remote code execution (RCE)
Read More...Zoho has warned of the public availability of a proof-of-concept (PoC) exploit for the vulnerability
Read More...Disclosed in 2007 and tagged as CVE-2007-4559, the security issue never received a patch, the only mitigation provided being a documentation update warning developers about the risk.
Read More...The lure in these phishing emails is a request for bids for lucrative government projects, taking them to phishing pages that are clones of legitimate federal agency portals
Read More...Because adware doesn't create notable damage to victims' systems, besides eating up some bandwidth, it is usually a threat that is ignored or downplayed by analysts
Read More...The botnet is now being used to install a Cobalt Strike beacon on infected systems as a second-stage payload
Read More...Depending on the website you visit, the form data may itself include PII—including but not limited to Social Security Numbers (SSNs)/Social Insurance Numbers (SINs), name, address, email, date of birth (DOB), contact information, bank and payment information, etc
Read More...The elevation of privileges bug in the Windows Common Log File System Driver is tracked as CVE-2022-37969, enabling local attackers to gain SYSTEM privileges following successful exploitation.
Read More...